CVSS: 9.0EPSS: 2%CPEs: 1EXPL: 0CVE-2021-41619
https://notcve.org/view.php?id=CVE-2021-41619
27 Oct 2021 — An issue was discovered in Gradle Enterprise before 2021.1.2. There is potential remote code execution via the application startup configuration. The installation configuration user interface (available to administrators) allows specifying arbitrary Java Virtual Machine startup options. Some of these options, such as -XX:OnOutOfMemoryError, allow specifying a command to be run on the host. This can be abused to run arbitrary commands on the host, should an attacker gain administrative access to the applicat... • https://security.gradle.com • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41590
https://notcve.org/view.php?id=CVE-2021-41590
27 Oct 2021 — In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify the listening TCP ports available to the server, revealing information about the internal network environment. En Gradle Enterprise versiones hasta 2021.3, el sondeo del entorno de red del lado del servidor puede ocur... • https://security.gradle.com •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41586
https://notcve.org/view.php?id=CVE-2021-41586
24 Sep 2021 — In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password. En Gradle Enterprise versiones anteriores a 2021.1.3, un atacante con la habilidad de llevar a cabo ataques de tipo SSRF puede potencialmente restablecer la contraseña del usuario del sistema. • https://security.gradle.com/advisory/2021-05 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41587
https://notcve.org/view.php?id=CVE-2021-41587
24 Sep 2021 — In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources. En Gradle Enterprise versiones anteriores a 2021.1.3, un atacante con la capacidad de llevar a cabo ataques de tipo SSRF puede potencialmente descubrir credenciales para otros recursos. • https://security.gradle.com/advisory/2021-04 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41588
https://notcve.org/view.php?id=CVE-2021-41588
24 Sep 2021 — In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys. En Gradle Enterprise versiones anteriores a 2021.1.3, una petición diseñada puede desencadenar una deserialización de objetos Java no seguros arbitrarios. El atacante debe tener las claves de cifrado y de firma. • https://security.gradle.com/advisory/2021-03 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41584
https://notcve.org/view.php?id=CVE-2021-41584
24 Sep 2021 — Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a response (information disclosure of possibly sensitive build/configuration details) via a crafted HTTP request with the X-Gradle-Enterprise-Ajax-Request header. Gradle Enterprise versiones anteriores a 2021.1.3, puede permitir una visualización no autorizada de una respuesta (divulgación de información de detalles de construcción/configuración posiblemente confidenciales) por medio de una petición HTTP diseñada con el encabezado X-Gradle-... • https://security.gradle.com/advisory/2021-02 •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 3CVE-2021-32751 – Arbitrary code execution via specially crafted environment variables
https://notcve.org/view.php?id=CVE-2021-32751
20 Jul 2021 — Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. This may impact those who use `gradlew` on Unix-like systems or use the scripts generated by Gradle in thieir application on Unix-like systems. For this vulnerability to be exploitable, an attacker needs to be able... • https://github.com/gradle/gradle/security/advisories/GHSA-6j2p-252f-7mw8 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 2CVE-2021-29427 – Repository content filters do not work in Settings pluginManagement
https://notcve.org/view.php?id=CVE-2021-29427
13 Apr 2021 — In Gradle from version 5.1 and before version 7.0 there is a vulnerability which can lead to information disclosure and/or dependency poisoning. Repository content filtering is a security control Gradle introduced to help users specify what repositories are used to resolve specific dependencies. This feature was introduced in the wake of the "A Confusing Dependency" blog post. In some cases, Gradle may ignore content filters and search all repositories for dependencies. This only occurs when repository cont... • https://github.com/arsalanraja987/gradle-cve-2021-29427-demo • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-29428 – Local privilege escalation through system temporary directory
https://notcve.org/view.php?id=CVE-2021-29428
13 Apr 2021 — In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. Gradle builds could be vulnerable to a local privilege escalation from an attacker quickly deleting and recreating files in the system temporary directory. This vulnerability impacted builds using precompiled script plugins written in Kotlin DSL and tests for Gradle plugins written using ProjectBuilder or TestKit. If you are o... • https://docs.gradle.org/7.0/release-notes.html#security-advisories • CWE-276: Incorrect Default Permissions CWE-378: Creation of Temporary File With Insecure Permissions CWE-379: Creation of Temporary File in Directory with Insecure Permissions •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-29429 – Information disclosure through temporary directory permissions
https://notcve.org/view.php?id=CVE-2021-29429
12 Apr 2021 — In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded into the system temporary directory first. Sensitive information contained in these files can be exposed to other local users on the same system. If you do not use the `TextResourceFactory` API, you are not vulnera... • https://docs.gradle.org/7.0/release-notes.html#security-advisories • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-377: Insecure Temporary File •